This file gives a brief overview of the major changes between each OpenSSL
release. For more details please read the CHANGES file.
- Known issues in OpenSSL 1.0.2:
-
- o Issues compiling WIN32 static libraries.
-
- Major changes between OpenSSL 1.0.1f and OpenSSL 1.0.2 [in beta]:
+ Major changes between OpenSSL 1.0.1h and OpenSSL 1.0.2 [in beta]:
o Suite B support for TLS 1.2 and DTLS 1.2
o Support for DTLS 1.2
o ALPN support.
o CMS support for RSA-PSS, RSA-OAEP, ECDH and X9.42 DH.
+ Major changes between OpenSSL 1.0.1g and OpenSSL 1.0.1h [5 Jun 2014]
+
+ o Fix for CVE-2014-0224
+ o Fix for CVE-2014-0221
+ o Fix for CVE-2014-0195
+ o Fix for CVE-2014-3470
+ o Fix for CVE-2010-5298
+
+ Major changes between OpenSSL 1.0.1f and OpenSSL 1.0.1g [7 Apr 2014]
+
+ o Fix for CVE-2014-0160
+ o Add TLS padding extension workaround for broken servers.
+ o Fix for CVE-2014-0076
+
Major changes between OpenSSL 1.0.1e and OpenSSL 1.0.1f [6 Jan 2014]
o Don't include gmt_unix_time in TLS server and client random values